From 98002329ad0b765c0d947e6613516d5f2dab45ea Mon Sep 17 00:00:00 2001
From: Thom Wiggers
Date: Mon, 20 May 2019 10:30:35 +0200
Subject: [PATCH] Port NewHope to fips202 structs

---
 crypto_kem/newhope1024cca/clean/poly.c | 6 +++---
 crypto_kem/newhope1024cpa/clean/poly.c | 6 +++---
 crypto_kem/newhope512cca/clean/poly.c | 6 +++---
 crypto_kem/newhope512cpa/clean/poly.c | 6 +++---
 4 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/crypto_kem/newhope1024cca/clean/poly.c b/crypto_kem/newhope1024cca/clean/poly.c
index 2ede9dea..10ec5535 100644
--- a/crypto_kem/newhope1024cca/clean/poly.c
+++ b/crypto_kem/newhope1024cca/clean/poly.c
@@ -202,7 +202,7 @@ void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_tomsg(unsigned char *msg, const poly *x)
 void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_uniform(poly *a, const unsigned char *seed) {
 unsigned int ctr = 0;
 uint16_t val;
- uint64_t state[25];
+ shake128ctx state;
 uint8_t buf[SHAKE128_RATE];
 uint8_t extseed[NEWHOPE_SYMBYTES + 1];
 int i, j;
@@ -214,9 +214,9 @@ void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_uniform(poly *a, const unsigned char *see
 for (i = 0; i < NEWHOPE_N / 64; i++) { /* generate a in blocks of 64 coefficients */
 ctr = 0;
 extseed[NEWHOPE_SYMBYTES] = (unsigned char) i; /* domain-separate the 16 independent calls */
- shake128_absorb(state, extseed, NEWHOPE_SYMBYTES + 1);
+ shake128_absorb(&state, extseed, NEWHOPE_SYMBYTES + 1);
 while (ctr < 64) { /* Very unlikely to run more than once */
- shake128_squeezeblocks(buf, 1, state);
+ shake128_squeezeblocks(buf, 1, &state);
 for (j = 0; j < SHAKE128_RATE && ctr < 64; j += 2) {
 val = (buf[j] | ((uint16_t) buf[j + 1] << 8));
 if (val < 5 * NEWHOPE_Q) {
diff --git a/crypto_kem/newhope1024cpa/clean/poly.c b/crypto_kem/newhope1024cpa/clean/poly.c
index 5ab00927..f9b4cce8 100644
--- a/crypto_kem/newhope1024cpa/clean/poly.c
+++ b/crypto_kem/newhope1024cpa/clean/poly.c
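Review bot: The changed line `shake128_absorb(&state, extseed, NEWHOPE_SYMBYTES + 1);` re-absorbs into the same `shake128ctx state` on every iteration of `for (i = 0; i < NEWHOPE_N / 64; i++)` with no init or reset call between iterations, so correctness now rests on `shake128_absorb` fully re-initializing the struct each time — a contract of the new fips202 struct API that this diff does not show. If that API ever pairs absorb with an explicit init/release step, or the struct grows beyond the raw lane array, the per-block SHAKE instances would either bleed into each other or leak, and nothing here would flag it. I would pin the assumption on the absorb line with `/* shake128_absorb must reset state: each of the NEWHOPE_N/64 blocks needs a fresh, domain-separated SHAKE128 instance */` and confirm the port against a known-answer output of `poly_uniform` so a silent change in the fips202 contract is caught. The loop body and the function continue past the hunk; the same observation applies to the identical hunks in the other three poly.c files in this patch.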
@@ -202,7 +202,7 @@ void PQCLEAN_NEWHOPE1024CPA_CLEAN_poly_tomsg(unsigned char *msg, const poly *x)
 void PQCLEAN_NEWHOPE1024CPA_CLEAN_poly_uniform(poly *a, const unsigned char *seed) {
 unsigned int ctr = 0;
 uint16_t val;
- uint64_t state[25];
+ shake128ctx state;
 uint8_t buf[SHAKE128_RATE];
 uint8_t extseed[NEWHOPE_SYMBYTES + 1];
 int i, j;
@@ -214,9 +214,9 @@ void PQCLEAN_NEWHOPE1024CPA_CLEAN_poly_uniform(poly *a, const unsigned char *see
 for (i = 0; i < NEWHOPE_N / 64; i++) { /* generate a in blocks of 64 coefficients */
 ctr = 0;
 extseed[NEWHOPE_SYMBYTES] = (unsigned char) i; /* domain-separate the 16 independent calls */
- shake128_absorb(state, extseed, NEWHOPE_SYMBYTES + 1);
+ shake128_absorb(&state, extseed, NEWHOPE_SYMBYTES + 1);
 while (ctr < 64) { /* Very unlikely to run more than once */
- shake128_squeezeblocks(buf, 1, state);
+ shake128_squeezeblocks(buf, 1, &state);
 for (j = 0; j < SHAKE128_RATE && ctr < 64; j += 2) {
 val = (buf[j] | ((uint16_t) buf[j + 1] << 8));
 if (val < 5 * NEWHOPE_Q) {
diff --git a/crypto_kem/newhope512cca/clean/poly.c b/crypto_kem/newhope512cca/clean/poly.c
index b8075df5..aa3175f0 100644
--- a/crypto_kem/newhope512cca/clean/poly.c
+++ b/crypto_kem/newhope512cca/clean/poly.c
@@ -198,7 +198,7 @@ void PQCLEAN_NEWHOPE512CCA_CLEAN_poly_tomsg(unsigned char *msg, const poly *x) {
 void PQCLEAN_NEWHOPE512CCA_CLEAN_poly_uniform(poly *a, const unsigned char *seed) {
 unsigned int ctr = 0;
 uint16_t val;
- uint64_t state[25];
+ shake128ctx state;
 uint8_t buf[SHAKE128_RATE];
 uint8_t extseed[NEWHOPE_SYMBYTES + 1];
 int i, j;
@@ -210,9 +210,9 @@ void PQCLEAN_NEWHOPE512CCA_CLEAN_poly_uniform(poly *a, const unsigned char *seed
 for (i = 0; i < NEWHOPE_N / 64; i++) { /* generate a in blocks of 64 coefficients */
 ctr = 0;
 extseed[NEWHOPE_SYMBYTES] = (unsigned char) i; /* domain-separate the 16 independent calls */
- shake128_absorb(state, extseed, NEWHOPE_SYMBYTES + 1);
+ shake128_absorb(&state, extseed, NEWHOPE_SYMBYTES + 1);
 while (ctr < 64) { /* Very unlikely to run more than once */
- shake128_squeezeblocks(buf, 1, state);
+ shake128_squeezeblocks(buf, 1, &state);
 for (j = 0; j < SHAKE128_RATE && ctr < 64; j += 2) {
 val = (buf[j] | ((uint16_t) buf[j + 1] << 8));
 if (val < 5 * NEWHOPE_Q) {
diff --git a/crypto_kem/newhope512cpa/clean/poly.c b/crypto_kem/newhope512cpa/clean/poly.c
index 364c7af6..6bd47ae6 100644
--- a/crypto_kem/newhope512cpa/clean/poly.c
+++ b/crypto_kem/newhope512cpa/clean/poly.c
@@ -198,7 +198,7 @@ void PQCLEAN_NEWHOPE512CPA_CLEAN_poly_tomsg(unsigned char *msg, const poly *x) {
 void PQCLEAN_NEWHOPE512CPA_CLEAN_poly_uniform(poly *a, const unsigned char *seed) {
 unsigned int ctr = 0;
 uint16_t val;
- uint64_t state[25];
+ shake128ctx state;
 uint8_t buf[SHAKE128_RATE];
 uint8_t extseed[NEWHOPE_SYMBYTES + 1];
 int i, j;
@@ -210,9 +210,9 @@ void PQCLEAN_NEWHOPE512CPA_CLEAN_poly_uniform(poly *a, const unsigned char *seed
 for (i = 0; i < NEWHOPE_N / 64; i++) { /* generate a in blocks of 64 coefficients */
 ctr = 0;
 extseed[NEWHOPE_SYMBYTES] = (unsigned char) i; /* domain-separate the 16 independent calls */
- shake128_absorb(state, extseed, NEWHOPE_SYMBYTES + 1);
+ shake128_absorb(&state, extseed, NEWHOPE_SYMBYTES + 1);
 while (ctr < 64) { /* Very unlikely to run more than once */
- shake128_squeezeblocks(buf, 1, state);
+ shake128_squeezeblocks(buf, 1, &state);
 for (j = 0; j < SHAKE128_RATE && ctr < 64; j += 2) {
 val = (buf[j] | ((uint16_t) buf[j + 1] << 8));
 if (val < 5 * NEWHOPE_Q) {
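Review bot: The context comment `/* domain-separate the 16 independent calls */` on the `extseed[NEWHOPE_SYMBYTES] = (unsigned char) i;` line directly above the ported `shake128_absorb(&state, ...)` call does not match this parameter set: the loop bound is `NEWHOPE_N / 64`, which for the N=512 variant the newhope512cpa and newhope512cca directories indicate is 8 calls, not 16, so the comment appears carried over from the 1024 code. Since the port touches the two lines right below it, this is the moment to make it parameter-independent, e.g. `/* domain-separate the NEWHOPE_N/64 independent SHAKE128 calls */`, which stays correct in all four files. The separation byte itself is sound for either N — `i` stays far below 256 — and the rejection bound `5 * NEWHOPE_Q` fits `uint16_t`, so only the documentation is off. The loop body and the function continue outside the hunk.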